OSI.ID is a complete solution for managing user identity, user rights, login mechanisms and audit trails for internal and external users. The system has modular design, what enables the use of individual components. OSI.ID simplifies and centralizes management of users, rights and audit trails for new and existing applications, because it offers functions of authentication, authorization and audit trails as an IT solution for internal and external applications. With centralization of these services and support of standard protocols for the exchange of information, OSI.ID greatly reduces the cost of development of new applications, increases the safety of existing applications and enables the consolidation of users account sources and unification and control of safety functions.
Product OSI.ID consists of modules that complement each other and can act independently or integrated into a wider central solution.
OSI.ID.AuthScheme enables implementation of complete safety scheme of a company for external and internal users. Security scheme includes, beside roles, also rights for access to individual components of application or individual data.
Managing of rights of accessing the content of applications and data is a significant challenge for any company. OSI.ID.AuthScheme enables centralization of rights through management of authorization scheme, external and internal users and resources. With OSI.ID.AuthScheme costumer acquires a central solution that unifies management of rights and enables, through standard APIs, easy integration in applications for unification of authorization filters.
Owner of data manages access rights to his data. OSI.ID.AuthSelfCare enables the final owner of data to issue authorizations (mandates) to access his data. Final user can two-dimensionally determine which categories of contents and which columns the authorizer can access. He can also limits accesses for a specific period of time.
The final user delegates rights to other data processors over their data through OSI.ID.AuthSelfCare.
Examples of use: Pacient allows specialist XY the insight into the results of a medical examination for a period of X days.
OSI.ID.AuthenticationHandlers enables an advanced user authentication with mechanism such as X509, PWD, SMS, TOTP, BIO in OpenID Connect, Kerberos, …
Various login mechanism are centralized and available to application end users, to support one or more valid authentication mechanism, where various authentication mechanisms also enable a higher level of access rights.
Practical examples of login into applications that are installed at service provider:
- User name and password.
- A token through SMS.
- A transparent login through existing login on work station.
- Login with certificate.
OSI.ID.AuthorizationHandler also enables the development of support for login mechanism that is custom made for the customer.
OSI.ID.IdentityProvider is a module that is responsible for identifying users that wish to participate in the system and for transmitting identity to the service providers. Beside basic information about the user, the module also enables the provision of other information from OSI.ID.AuthScheme. The module supports various standard protocols for the exchange of information: SAML v1 and v2, REST, Web service, OpenID Connect …
OSI.ID.IdentityProvider simplifies the Web SSO implementation with minimal changes on the level of applications, because with integration of application interface level modules, it transfers the exchange of information on OIS.ID system bus, and application accesses authentication and authorization data through session variables.